<?php
require_once("accountDTO.php");
require_once("dbHelper.php");
class accountDAO extends dbHelper
{
    public function login($email, $password)
    {
        $sql = 'SELECT * FROM account WHERE email = "'. $email .'" LIMIT 1';// AND password = '$password'";
        
        $result = parent::execQuery($sql);
        
        if($result && parent::getNumRows($result) > 0)
        {
            if($row = parent::fetchArray($result))
            {
                /*if(md5($password) == $row[password])*/
                if($password == $row[password])
                {
                    $logUser = new accountDTO($row[accId], $row[email], $row[password],
                                          $row[fullname], $row[address],
                                          $row[phone], $row[DOB], $row[sex],
                                          $row[joinDate], $row[status], $row[avtUrl]);
                    //get_object_vars($logUser)
                    $_SESSION["account"] = get_object_vars($logUser);
                    $_SESSION["login_time"] = time();
                    $_SESSION["logged_in"] = 1;
                    return true;
                }
            	return false;
            }
        }
        return false;
    }
	
	public function logout()
	{
		session_destroy();
	}
	
	public function checkEmailExists($email) {
		$sql = "select email from account where email='$email'";
		$result =  parent::execQuery($sql);		
		if($result && parent::getNumRows($result) > 0)
			return true;
		return false;
	}
	
	public function changePass($email)
	{
		$sql = "select password from account where email ='$email'";
		parent::execQuery($sql);
		if(parent::getAffectedRows() > 0)
			return true;
		return false;
	}
	
	public function create($accountDTO)
	{
		$sql = "insert into account(email, password, fullname, address, phone, 
                                    DOB, sex, joinDate, status, avtUrl)
                values('$accountDTO->email',
                       '$accountDTO->password',
                       '$accountDTO->fullname',
                       '$accountDTO->address',
                       '$accountDTO->phone',
                       '$accountDTO->DOB',
                       '$accountDTO->sex',
                       '$accountDTO->joinDate',
                       '$accountDTO->status',
                       '$accountDTO->avtUrl')";
		parent::execQuery($sql);
		if(parent::getAffectedRow() > 0)
			return true;
		return false;
	}
	
	public function update($accountDTO)
	{
		$sql = "update account set  fullname = '$accountDTO->fullname',
                                    address = '$accountDTO->address', 
                                    phone = '$accountDTO->phone',
                                    sex = '$accountDTO->sex',
                                    where email = '$accountDTO->email'";
		parent::execQuery($sql);
		if(parent::getAffectedRows() > 0)
			return true;
		return false;
	}
	
	public function updatePass($accountDTO)
	{
		$sql = "update account set password = '$accountDTO->password'";
	}
	
	public function delete($email)
	{
		$sql = "delete from account where email = '$email'";
		parent::execQuery($sql);
		if(parent::getAffectedRows() > 0)
			return true;
		return false;
	}
	
	public function selectAll()
	{
		$listAccount = array();
		$sql = "select * from account";
		$result = parent::execQuery($sql);
		if($result && parent::getNumRows($result) > 0)
		{
			while($row = parent::fetchArray($result))
			{
				$accDTO = new accountDTO($row[accId], $row[email], $row[password],
                                         $row[fullname], $row[address],
                                         $row[phone], $row[DOB], $row[sex], $row[joinDate], 
                                         $row[status], $row[avtUrl]);
				$listAccount[count($listAccount)] = $accDTO;
			}
		}
		return $listAccount;
	}
    
    public function selectById($accId){
        /*$accDTO = new accountDTO($row[accId], $row[email], $row[password],
                                 $row[fullname], $row[address], $row[phone],
                                 $row[DOB], $row[sex], $row[joinDate], 
                                 $row[status], $row[avtUrl]);*/
        $sql = "select * from account where accId = '$accId'";
        $accDTO = parent::execQuery($sql);
        return mysql_fetch_array($accDTO);
    }
}
?>